Basically - longstanding, unfixable CPU design flaw means serious security hole can only be fixed at higher level operating system level. Such workarounds at these levels lead to significant slowdowns.

64bit Windows, macOS* and Linux will all be affected.

AMD users safe, and may chortle (within the TOS, of course).

I rather like "Forcefully Unmap Complete Kernel With Interrupt Trampolines".

*The Register piece has been updated to state that macOS has already been patched since version 10.13.2

Comments

I have not updated my main WIN 8 pc for 3-4 years. It runs my music DAW, and ever since I started the DAZ hobby it runs DS too. I always disable any external interference in my workstation rig, keeping it stable and predictable.

Quote from AMD:
"AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault."

Guess they've not so covertly informed the world that the issue has to do with Intel's preemptive code execution potentialy accessing kernal memory that the current processing level isn't authorized to access..... lol

I guess it looks like I'll be turning off windows updates notices on my i7 server machine.and update the hardware manually.

my win10 laptop is so slow i doubt i would notice a 30% decrease. But my ivy bridge intel i7 4.4.4 ghz is in a server set up mode with external gpus and is smoking fast . 30% decrease would be definitely be a hard benchmark notice when rendering animation and would not be worth the update to me when i can pull the system off-line or put it behind my firewall and bump up restrictions and feed content to it through my LP . either way this old system won't be learning any new processor tricks.

Basically it means that Intel chips calculations right hand doesn't know what its left hand is doing for long enough for some hacker jerk to get info it's not supposed to be privy to and can exploit and that a firmware update from Intel is not enough to fix it. Your choices are: update your OS and take the potential performance hit or buy new hardware. Period.

Well, or disconnect from the internet and don't install anything new or put anything new on your computer.

There is a defect (which apparently has been around for about 10 years) in Intel's x86 processor lines including i3, i5, i7, i9, Xeon, etc. The defect lies in the internals of the processor that helps the operating system regulate between user spaces (think of this as your own private world in the operating system) and privilaged spaces (like the parts of the operating system that control disk drives, USB, video cards, audio chips, etc.) Recently, hackers have found a way to exploit this defect.

Because the chip is hardwired when it was made, operating systems like Linux, MacOS, and Windows that rely on these processors will have to change how they protect data moving from user spaces to privilaged spaces, rather than depending solely on the chips support. This will make some things slower. How much slower, and how that will impact a complex program is still being measured, but things that have a lot of data going out to disk drives (like databases) seem to be the most affected, while things that privately run lots of calculations, like audio and video encoding seem to be largely unaffected. Games, which use the video card seem largely unaffected in terms of frame rate, which is a relatively good sign.

As I understand it there is a flaw in the design of Intel CPUs that makes it possible for a hacker to access parts of the operating system they should not be able to see. This could help them break into computers. Windows has to be modified to stop them doing this, but this means Windows has to do more security checks which take up CPU time so there will be a bit less CPU time for running applications.

To any experts reading this, please correct me if I have got it wrong.

"I'm extreme about health, I know, but I'm not alone with this," he told the Times. Evans and other proponents argue that "raw water" is healthier than regular water, which they see as tainted by chemicals like fluoride.

I think it's time someone introduce them to the wonders of reverse osmosis and distillation.

I think we'll need to wait a bit for the actual patches to roll out on Windows and MacOS before we can.

I think most of the issue will be in I/O heavy tasks (think databases) which have to cross from user space to hardware drivers at very high rates. We'll see.

That's what I'm worried about honestly. At my office we run a database that it's not unusual for it to pass 1 million IOs a second, and we are very heavily virtualized on the server side. If those get the potential 30% performance hit, we are going to feel it in a bad way.

"I'm extreme about health, I know, but I'm not alone with this," he told the Times. Evans and other proponents argue that "raw water" is healthier than regular water, which they see as tainted by chemicals like fluoride.

I think it's time someone introduce them to the wonders of reverse osmosis and distillation.

"Raw water"???! o.O Are they nuts? With all the crap one can catch nowdays? The very thought gives me sympathetic stomach cramps...

I guess they don't care that their "raw water" might also be tained with "raw sewage"....maybe it's just a "raw" thing..... o.O

I think you'd have to go back to sometime around 2007 or thereabouts to find one without the bug. My Dell XPS which is just two years old surely has it, so bad news for me on the one hand. On the other, the new laptop I ordered during their Boxing Day sale has AMD chips. Guess I was lucky that even on sale the Intel laptops were out of my league budget-wise.

"I'm extreme about health, I know, but I'm not alone with this," he told the Times. Evans and other proponents argue that "raw water" is healthier than regular water, which they see as tainted by chemicals like fluoride.

I think it's time someone introduce them to the wonders of reverse osmosis and distillation.

"Raw water"???! o.O Are they nuts? With all the crap one can catch nowdays? The very thought gives me sympathetic stomach cramps...

I guess they don't care that their "raw water" might also be tained with "raw sewage"....maybe it's just a "raw" thing..... o.O

Laurie

Flouride is not so bad but chorine tastes so aweful I only make tea with tap water and use flouride infused mouthwash to make up to for it (I once very quickly found out how much flouride really does protect the teeth years ago when I moved from USA to Switzerland)

"I'm extreme about health, I know, but I'm not alone with this," he told the Times. Evans and other proponents argue that "raw water" is healthier than regular water, which they see as tainted by chemicals like fluoride.

I think it's time someone introduce them to the wonders of reverse osmosis and distillation.

"Raw water"???! o.O Are they nuts? With all the crap one can catch nowdays? The very thought gives me sympathetic stomach cramps...

I guess they don't care that their "raw water" might also be tained with "raw sewage"....maybe it's just a "raw" thing..... o.O

Laurie

Flouride is not so bad but chorine tastes so aweful I only make tea with tap water and use flouride infused mouthwash to make up to for it (I once very quickly found out how much flouride really does protect the teeth years ago when I moved from USA to Switzerland)

I only drink bottled spring water and we make the coffee with distilled. The only time I use tap water is for cooking and washing dishes. There's flouride in the toothpaste and moutwash. And while I will agree that chlorine smells and tastes awful, it's better than picking up a shigella germ or worse. Gah.

I guess it looks like I'll be turning off windows updates notices on my i7 server machine.and update the hardware manually.

my win10 laptop is so slow i doubt i would notice a 30% decrease. But my ivy bridge intel i7 4.4.4 ghz is in a server set up mode with external gpus and is smoking fast . 30% decrease would be definitely be a hard benchmark notice when rendering animation and would not be worth the update to me when i can pull the system off-line or put it behind my firewall and bump up restrictions and feed content to it through my LP . either way this old system won't be learning any new processor tricks.

sad news indeed

....I turned off Windows update on my W7 system on Sept 30th, 2016 when MS switched from single individual update files (that you could "pick & choose from") to the bundled update format they now use (which forced you to accept all or none of the updates just like in W10). Yeah, I render on the CPU in both 3DL and Iray which, considering the what I gather from the article, would mean longer rendering times due to the constant calls made to the CPU during the process, no thanks.